Xplico alternatives

Looking for an alternative tool to replace Xplico? During the review of Xplico we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. ntopng
  2. PCredz (extract data from pcap files)
  3. graudit (static code analysis tool)

These tools are ranked as the best alternatives to Xplico.

Alternatives (by score)

78

ntopng

Introduction

ntopng replaced the older ntop utility. It now focuses on high-speed traffic analysis and flow collection. Typically this is useful for analysis of network traffic and troubleshooting of overused network links.

Project details

ntopng is written in C++.

Strengths and weaknesses

  • + The source code of this software is available

    Typical usage

    • Network analysis
    • Troubleshooting

    ntopng review

    60

    PCredz

    Introduction

    This tool can be of great use to see what sensitive data leaks onto the network. This may be a public network or your own private network.

    Project details

    PCredz is written in Python.

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Data extraction

      PCredz review

      93

      graudit

      Introduction

      Analysis of source code helps to find programming flaws, including those that can lead to software vulnerabilities. Graudit helps to uncover these by searching through the files and discovering possible flaws. The tool supports languages like ASP, C, Perl, PHP, Python, and others.

      Project details

      graudit is written in shell script.

      Strengths and weaknesses

      • + The source code is easy to read and understand
      • + Tool is easy to use
      • + Used language is shell script
      • + The source code of this software is available

        Typical usage

        • Code analysis

        graudit review

        78

        PyREBox

        Introduction

        PyREBox is short for Python scriptable Reverse Engineering Sandbox. It provides dynamic analysis and debugging capabilities of a running QEMU virtual machine. The primary usage is the analysis of running processes to perform reverse engineering. PyREBox can change parts of the running system by changing data in memory or within processor registers.

        Project details

        PyREBox is written in C++, Python.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Binary analysis
          • Malware analysis
          • Reverse engineering

          PyREBox review

          68

          Bleach

          Introduction

          Bleach is a library for Django that can sanitize HTML by escaping and stripping harmful content. It provides a filter for untrusted content and disarms potentially unwanted scripts from the input. This may be useful to apply to data that is transmitted via HTML forms or otherwise.

          Project details

          Bleach is written in Python.

          Strengths and weaknesses

          • + More than 25 contributors
          • + More than 1000 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Data sanitizing

            Bleach review

            64

            CHIRON ELK

            Introduction

            CHIRON is a tool to provide network analytics based on the ELK stack. It is combined with Machine Learning threat detection using the Aktaion framework. Typical usage of the tool is home use, to get visibility of home internet devices. By leveraging the Aktaion framework, it helps with detecting threats like ransomware, phishing, or other malicious traffic.

            Project details

            CHIRON ELK is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available
            • - No releases on GitHub available

            Typical usage

            • Network analysis
            • Network security monitoring
            • Network traffic analysis
            • Threat discovery

            CHIRON ELK review

            59

            socat

            Introduction

            Socat is a tool to share data between systems. It can leverage an existing connection, or set up a new channel between two systems. This can be useful to relay traffic, do a quick data transfer, or test other systems. Another option is to use it on the local system to add an encrypted channel.

            Project details

            socat is written in C.

            Strengths and weaknesses

            • + The source code of this software is available
            • + Well-known tool

              Typical usage

              • Data encryption
              • Data transfers

              socat review

              64

              Trawler

              Introduction

              Trawler can simplify the work that is related to collecting phishing information like reports. It can process the information and use the information for follow-up steps.

              Project details

              Trawler is written in Python.

              Strengths and weaknesses

              • + The source code of this software is available
              • - No releases on GitHub available

              Typical usage

              • Data collection
              • Phishing attacks

              Trawler review

              100

              CIRCLean

              Introduction

              Malware regularly uses USB sticks to infect victims. This solution can convert documents with potentially harmful code into disarmed data formats. This converted data is then stored on a trusted device.

              Project details

              CIRCLean is written in shell script.

              Strengths and weaknesses

              • + The source code of this software is available

                Typical usage

                • Data sanitizing
                • Data transfers

                CIRCLean review

                56

                Metagoofil

                Introduction

                Metagoofil will perform a search in Google based on the given domain name. Any public documents will be downloaded and analyzed. For this task it uses libraries like Hachoir, PdfMiner, and others. Useful details include usernames, software versions, hostnames, etc.

                File types: pdf, doc, xls, ppt, docx, pptx, xlsx

                Project details

                Metagoofil is written in Python.

                Strengths and weaknesses

                • + The source code of this software is available

                  Typical usage

                  • Information gathering
                  • Penetration testing

                  Metagoofil review

                  60

                  swap_digger

                  Introduction

                  Swap memory is similar to active memory and may contain sensitive details.

                  Examples of sensitive data artifacts:

                  • Login accounts and passwords
                  • GPG keys
                  • Master keys of password managers
                  • Email addresses
                  • WiFi SSID details and keys
                  • Samba credentials
                  • Other authentication details

                  Project details

                  swap_digger is written in shell script.

                  Strengths and weaknesses

                  • + The source code of this software is available

                    Typical usage

                    • Data extraction
                    • Information gathering
                    • Penetration testing

                    swap_digger review

                    100

                    IVRE

                    Introduction

                    IVRE is a framework to perform reconnaissance for network traffic. It leverages other tools to pull in the data and show it in the web interface.

                    Project details

                    IVRE is written in Python.

                    Strengths and weaknesses

                    • + More than 10 contributors
                    • + More than 1000 GitHub stars
                    • + The source code of this software is available

                      Typical usage

                      • Digital forensics
                      • Information gathering
                      • Intrusion detection
                      • Network analysis

                      IVRE review

                      93

                      Scapy

                      Introduction

                      Scapy can handle tasks like network scanning, tracerouting, probing, unit tests, attacks or network discovery. Due to its manipulation possibilities, Scapy can send invalid frames. It also allows you to inject custom 802.11 frames, or combine other attacking techniques.

                      Project details

                      Scapy is written in Python.

                      Strengths and weaknesses

                      • + More than 2000 GitHub stars
                      • + The source code of this software is available
                      • - Many provided pull requests are still open

                      Typical usage

                      • Network analysis
                      • Security assessment

                      Scapy review

                      67

                      Wireshark

                      Introduction

                      Wireshark is a mature project with many users all over the world. Its library is stable and can be used by both graphical and text-based interfaces. With many books and even conferences around the subject, this tool is a safe bet to have in your toolbox.

                      Project details

                      Wireshark is written in C.

                      Strengths and weaknesses

                      • + The source code of this software is available
                      • + Well-known tool

                        Typical usage

                        • Network analysis
                        • Network traffic analysis
                        • Security assessment
                        • Troubleshooting

                        Wireshark review

                        Some relevant tool missing as an alternative to Xplico? Please contact us with your suggestion.